DLL - Checking validity - Programmer

This is a discussion on DLL - Checking validity - Programmer ; Hello All,
I'm after ideas or experience.
I have some functionality in a DLL that requests a "license" from a remote
license server (all bespoke and written by me). I want this behaviour in a
DLL as I intend to ...

DLL - Checking validity

Hello All,
I'm after ideas or experience.
I have some functionality in a DLL that requests a "license" from a remote
license server (all bespoke and written by me). I want this behaviour in a
DLL as I intend to call it from both VB and C++. From a hackers perspective
it would be easy to replace the DLL with one of their own that simply
'grants' the 'license' without asking the server. How can I ensure only the
"kosher" DLL is ever used??
Any help would be appreciated.
Regards
Paul

Re: DLL - Checking validity

"Paul Caswell" wrote in message
news:5hvec.49$NJ5.11@newsfe5-gui.server.ntli.net...
> Hello All,
> I'm after ideas or experience.
> I have some functionality in a DLL that requests a "license" from a remote
> license server (all bespoke and written by me). I want this behaviour in
a
> DLL as I intend to call it from both VB and C++. From a hackers
perspective
> it would be easy to replace the DLL with one of their own that simply
> 'grants' the 'license' without asking the server. How can I ensure only
the
> "kosher" DLL is ever used??
> Any help would be appreciated.
> Regards
> Paul
>

1. Add a custom resource to your DLL that is large enough to contain
a digital signature.

2. Compile the DLL.

3. Sign the DLL by sending the DLL through a digital signature algorithm,
skipping over your custom resource in the DLL.

4. Put the digital signature into the DLL at the location of the custom
resource.

5. On DLL initialization, send the DLL through the digital signature
algorithm,
skipping over your custom resource, then compare it to the signature stored
in the custom resource.